Chat now with support
Chat with Support

KACE Systems Management Appliance 14.0 Common Documents - KACE Service Desk Administrator Guide

About the KACE Service Desk Getting started
Configuring the appliance
Requirements and specifications Power-on the appliance and log in to the Administrator Console Access the Command Line Console Tracking configuration changes Configuring System-level and Admin-level General Settings Configure appliance date and time settings Managing user notifications Enable Two-Factor Authentication for all users Verifying port settings, NTP service, and website access Configuring network and security settings Configuring session timeout and auto-refresh settings Configuring locale settings Configuring the default theme Configure data sharing preferences About DIACAP compliance requirements Configuring Mobile Device Access Enable fast switching for organizations and linked appliances Linking Quest KACE appliances Configuring history settings Configuring Content Security Policy
Setting up and using labels to manage groups of items Configuring user accounts, LDAP authentication, and SSO Deploying the KACE Agent to managed devices Using Replication Shares Managing credentials Configuring assets
About the Asset Management component Using the Asset Management Dashboard About managing assets Adding and customizing Asset Types and maintaining asset information Managing Software assets Managing physical and logical assets Maintaining and using manual asset information Managing locations Managing contracts Managing licenses Managing purchase records
Setting up License Compliance Managing License Compliance Setting up Service Desk Configure the Cache Lifetime for Service Desk widgets Creating and managing organizations Importing and exporting appliance resources
Managing inventory
Using the Inventory Dashboard Using Device Discovery Managing device inventory
About managing devices Features available for each device management method About inventory information Tracking changes to inventory settings Managing inventory information Finding and managing devices Registering KACE Agent with the appliance Provisioning the KACE Agent Manually deploying the KACE Agent Using Agentless management Adding devices manually in the Administrator Console or by using the API Forcing inventory updates Managing MIA devices Obtaining Dell warranty information
Managing applications on the Software page Managing Software Catalog inventory
About the Software Catalog Viewing Software Catalog information Adding applications to the Software Catalog Managing License assets for Software Catalog applications Associate Managed Installations with Cataloged Software Using software metering Using Application Control Update or reinstall the Software Catalog
Managing process, startup program, and service inventory Writing custom inventory rules
Deploying packages to managed devices
Distributing software and using Wake-on-LAN Broadcasting alerts to managed devices Running scripts on managed devices Using Task Chains
Patching devices and maintaining security
Using the Security Dashboard About patch management Subscribing to and downloading patches Creating and managing patch schedules Managing patch inventory Managing Windows Feature Updates Managing Dell devices and updates Managing Linux package upgrades Manage quarantined file attachments
Using reports and scheduling notifications Monitoring devices
Getting started with monitoring Working with monitoring profiles Managing monitoring for devices Working with alerts
Using the Service Desk
Configuring Service Desk Using the Service Desk Dashboard Managing Service Desk tickets, processes, and reports
Overview of Service Desk ticket lifecycle Creating tickets from the Administrator Console and User Console Creating and managing tickets by email Viewing tickets and managing comments, work, and attachments Merging tickets Using the ticket escalation process Using Service Desk processes Using Ticket Rules Run Service Desk reports Archiving, restoring, and deleting tickets Managing ticket deletion
Managing Service Desk ticket queues About User Downloads and Knowledge Base articles Customizing Service Desk ticket settings Configuring SMTP email servers
Maintenance and troubleshooting
Maintaining the appliance Troubleshooting the appliance
Appendixes Glossary About us Legal notices

Configure user notifications

Configure user notifications

A wide range of predefined notification configurations come included with the appliance.

Administrators can review these configurations on the User Notifications page. Additional details about each configuration are displayed on the User Notification Detail page after selecting it in the list. Some configurations allow you to enable or disable them, while other settings are read-only.

You can use one or more labels to associate a notification configuration with specific users. This causes the resulting notification alerts to be displayed in the Administrator Console only to the users specified by those labels . If a notification configuration is not linked to any users this way, all users with administrative-level permissions can see the related notification alerts in the Administrator Console, when they are triggered. These settings do not apply to the System Administration Console, that always shows all notifications to all users.

1.
Go to the User Notifications list page:
a.
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Settings, then click User Notifications.
2.
On the User Notifications page, review the list of notifications.
For each item, the list displays its name, description, whether the notification is enabled, category, and any labels associated with it. There are several available categories, each focusing on a specific aspect of your environment. You can, for example, sort the list by category, and review all notifications in a specific segment, such as Security or Patching.
3.
To review or edit a specific notification configuration:
a.
Click the name of a user notification.
b.
Observe the contents of the User Notification Detail page.
The Name, Description, and Category settings are read-only. Some notification configurations allow you to enable or disable them using the Enabled check box. If this box appears greyed out, the notification configuration is always enabled.
c.
Review the Restrict to Labels area, and edit the collection of labels, as needed.
When you add labels to a notification configuration, only the users specified by those labels can see the resulting notification alerts as they are being triggered. If a notification configuration does not point to any specific users using this method, its notifications can be displayed to all users with the administrative-level permissions in the Administrator Console. The System Administration Console, however, shows all notifications to all logged-in users regardless of these settings.
To view, add or edit labels associated with the notification configuration:
1.
Click Restrict to Labels.
2.
In the Select Labels dialog box that appears, review or edit the list of labels that you want to associate with the user notification. You can add multiple labels to each notification configuration.
3.
When done, click OK to return to the User Notification Detail page.
d.
On the User Notification Detail page, click Save.

Enable Two-Factor Authentication for all users

Enable Two-Factor Authentication for all users

Two-Factor Authentication (2FA) provides stronger security for users logging into the appliance by adding an extra step to the login process. It relies on the Google Authenticator app to generate verification codes. The app generates a new six-digit code at regular intervals. When enabled, end users will be prompted for the current verification code each time they log in.

To download the Google Authenticator app, visit one of the following sites, as applicable:
Android devices: https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2
iOS devices: https://itunes.apple.com/ca/app/google-authenticator/id388497605?mt=8

You can enable 2FA access to the Administrator Console and User Console for all users in the selected organization using the Two-Factor Authentication page in the Administrator Console, as described below. Alternatively, you can enable or disable 2FA access to the Administrator Console and User Console using the System Administration Console. For more information, see Configure Two-Factor Authentication for organizations.

1.
Go to the Admin-level Two-Factor Authentication page:
a.
Log in to the appliance Administrator Console, https://appliance_hostname/admin. Or, if the Show organization menu in admin header option is enabled in the appliance General Settings, select an organization in the drop-down list in the top-right corner of the page next to the login information.
b.
On the left navigation bar, click Settings, then click Control Panel and in the Security Settings section click Enable 2FA.
2.
To enable 2FA for all users in the Administrator Console, under Enable Two-Factor Authentication for Admin Portal, select Required for all Users.
This option overwrites 2FA settings in the User Details page. When 2FA is enabled for all users on this page, it cannot be disabled for individual users on the User Details page for any users that are associated with the selected organization (if applicable).
3.
To enable 2FA for all users in the User Console, under Two-Factor Authentication for User Portal, select Required for all Users.

Verifying port settings, NTP service, and website access

Verifying port settings, NTP service, and website access

Verify port settings
Verifying the status of the NTP service
Make necessary websites accessible to the appliance

Port settings, NTP service, and website access must be configured correctly to enable features such as Agent communications, Software Catalog updates, and patch downloads.

Verify port settings

Verify port settings

Appliance ports must be configured correctly to enable device management and database or file access.
Ensure that the appropriate appliance ports are not blocked by firewall settings:

Port

Use

Direction

20 and 21

(Optional and not recommended) Used to access backup files on the appliance through FTP from outside the firewall.

Inbound to the appliance

22

(Recommended) Used to create an SSH tunnel to quest.com.

Outbound from the appliance

25

(Optional) Used by the appliance SMTP server for email (non-SSL). This is required only if you configure SMTP email. See Configuring SMTP email servers.

Outbound from the appliance

80

(Required unless SSL is enabled) Used for standard HTTP (web) access to the Administrator Console and User Console.

Inbound to the appliance

110

(Optional) Used for POP3 email (non-SSL)

Inbound to the appliance

161

(Optional) Used for SNMP monitoring. See Discovering devices on your network.

Outbound from the appliance

199

(Optional) Used for unidirectional (read-only) SNMP access to managed devices on the network through SMUX, an SNMP multiplexing protocol. See Configure security settings for the appliance

Outbound from the appliance

443

(Required) Used for SSL access and agent messaging protocol communications.

Devices use this port when they check in to the appliance using HTTPS.

The appliance listens on this port for communications from devices on which the KACE Agent is installed.

Inbound to the appliance

587

(Optional) Used by the appliance SMTP server for secure email (SSL enabled). This is required only if you configure secure SMTP email. See Configuring SMTP email servers.

Outbound from the appliance

995

(Optional) Used for POP3 email (SSL enabled).

Inbound to the appliance

3306

(Optional) Used to access the appliance database with external tools. For example, this port is used to run reports on the appliance database using Microsoft Access® or Excel®.

Inbound to the appliance
Ensure that the appropriate device ports are accessible to the appliance:

Port

Use

7

(Optional) Used by the appliance for UDP traffic on the network, which is used for Wake-on-LAN. See Using Wake-on-LAN.

139

(Optional) Used during KACE Agent provisioning on Windows devices.

161

(Optional) Used for SNMP monitoring. This port should be open and bound to SNMP. See Discovering devices on your network.

445

(Optional) Used during KACE Agent provisioning. See Provisioning the KACE Agent.
To use an LDAP server for authentication, ensure that the appropriate ports are accessible from the appliance:

Port

Use

389

(Optional) Used for LDAP access.

636

(Optional) Used for secure LDAP access.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating